google-cloud-security_center-v1p1beta1 0.1.0

data/proto_docs/google/cloud/securitycenter/v1p1beta1/asset.rb

@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1p1beta1
+        # Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud
+        # Platform (GCP) resource.
+        #
+        # The Asset is a Cloud SCC resource that captures information about a single
+        # GCP resource. All modifications to an Asset are only within the context of
+        # Cloud SCC and don't affect the referenced GCP resource.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The relative resource name of this asset. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/\\{organization_id}/assets/\\{asset_id}".
+        # @!attribute [rw] security_center_properties
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::Asset::SecurityCenterProperties]
+        #     Cloud SCC managed properties. These properties are managed by
+        #     Cloud SCC and cannot be modified by the user.
+        # @!attribute [rw] resource_properties
+        #   @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
+        #     Resource managed properties. These properties are managed and defined by
+        #     the GCP resource and cannot be modified by the user.
+        # @!attribute [rw] security_marks
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks]
+        #     User specified security marks. These marks are entirely managed by the user
+        #     and come from the SecurityMarks resource that belongs to the asset.
+        # @!attribute [rw] create_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which the asset was created in Cloud SCC.
+        # @!attribute [rw] update_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which the asset was last updated, added, or deleted in Cloud
+        #     SCC.
+        # @!attribute [rw] iam_policy
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::Asset::IamPolicy]
+        #     IAM Policy information associated with the GCP resource described by the
+        #     Cloud SCC asset. This information is managed and defined by the GCP
+        #     resource and cannot be modified by the user.
+        class Asset
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+
+          # Cloud SCC managed properties. These properties are managed by Cloud SCC and
+          # cannot be modified by the user.
+          # @!attribute [rw] resource_name
+          #   @return [String]
+          #     The full resource name of the GCP resource this asset
+          #     represents. This field is immutable after create time. See:
+          #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+          # @!attribute [rw] resource_type
+          #   @return [String]
+          #     The type of the GCP resource. Examples include: APPLICATION,
+          #     PROJECT, and ORGANIZATION. This is a case insensitive field defined by
+          #     Cloud SCC and/or the producer of the resource and is immutable
+          #     after create time.
+          # @!attribute [rw] resource_parent
+          #   @return [String]
+          #     The full resource name of the immediate parent of the resource. See:
+          #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+          # @!attribute [rw] resource_project
+          #   @return [String]
+          #     The full resource name of the project the resource belongs to. See:
+          #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+          # @!attribute [rw] resource_owners
+          #   @return [Array<String>]
+          #     Owners of the Google Cloud resource.
+          # @!attribute [rw] resource_display_name
+          #   @return [String]
+          #     The user defined display name for this resource.
+          # @!attribute [rw] resource_parent_display_name
+          #   @return [String]
+          #     The user defined display name for the parent of this resource.
+          # @!attribute [rw] resource_project_display_name
+          #   @return [String]
+          #     The user defined display name for the project of this resource.
+          class SecurityCenterProperties
+            include Google::Protobuf::MessageExts
+            extend Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # IAM Policy information associated with the GCP resource described by the
+          # Cloud SCC asset. This information is managed and defined by the GCP
+          # resource and cannot be modified by the user.
+          # @!attribute [rw] policy_blob
+          #   @return [String]
+          #     The JSON representation of the Policy associated with the asset.
+          #     See https://cloud.google.com/iam/reference/rest/v1/Policy for
+          #     format details.
+          class IamPolicy
+            include Google::Protobuf::MessageExts
+            extend Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # @!attribute [rw] key
+          #   @return [String]
+          # @!attribute [rw] value
+          #   @return [Google::Protobuf::Value]
+          class ResourcePropertiesEntry
+            include Google::Protobuf::MessageExts
+            extend Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1p1beta1/finding.rb

@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1p1beta1
+        # Cloud Security Command Center (Cloud SCC) finding.
+        #
+        # A finding is a record of assessment data (security, risk, health or privacy)
+        # ingested into Cloud SCC for presentation, notification, analysis,
+        # policy testing, and enforcement. For example, an XSS vulnerability in an
+        # App Engine application is a finding.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The relative resource name of this finding. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}"
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     The relative resource name of the source the finding belongs to. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     This field is immutable after creation time.
+        #     For example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}"
+        # @!attribute [rw] resource_name
+        #   @return [String]
+        #     For findings on Google Cloud Platform (GCP) resources, the full resource
+        #     name of the GCP resource this finding is for. See:
+        #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+        #     When the finding is for a non-GCP resource, the resourceName can be a
+        #     customer or partner defined string.
+        #     This field is immutable after creation time.
+        # @!attribute [rw] state
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding::State]
+        #     The state of the finding.
+        # @!attribute [rw] category
+        #   @return [String]
+        #     The additional taxonomy group within findings from a given source.
+        #     This field is immutable after creation time.
+        #     Example: "XSS_FLASH_INJECTION"
+        # @!attribute [rw] external_uri
+        #   @return [String]
+        #     The URI that, if available, points to a web page outside of Cloud SCC
+        #     where additional information about the finding can be found. This field is
+        #     guaranteed to be either empty or a well formed URL.
+        # @!attribute [rw] source_properties
+        #   @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
+        #     Source specific properties. These properties are managed by the source
+        #     that writes the finding. The key names in the source_properties map must be
+        #     between 1 and 255 characters, and must start with a letter and contain
+        #     alphanumeric characters or underscores only.
+        # @!attribute [r] security_marks
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks]
+        #     Output only. User specified security marks. These marks are entirely
+        #     managed by the user and come from the SecurityMarks resource that belongs
+        #     to the finding.
+        # @!attribute [rw] event_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which the event took place. For example, if the finding
+        #     represents an open firewall it would capture the time the detector believes
+        #     the firewall became open. The accuracy is determined by the detector.
+        # @!attribute [rw] create_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which the finding was created in Cloud SCC.
+        class Finding
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+
+          # @!attribute [rw] key
+          #   @return [String]
+          # @!attribute [rw] value
+          #   @return [Google::Protobuf::Value]
+          class SourcePropertiesEntry
+            include Google::Protobuf::MessageExts
+            extend Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # The state of the finding.
+          module State
+            # Unspecified state.
+            STATE_UNSPECIFIED = 0
+
+            # The finding requires attention and has not been addressed yet.
+            ACTIVE = 1
+
+            # The finding has been fixed, triaged as a non-issue or otherwise addressed
+            # and is no longer active.
+            INACTIVE = 2
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1p1beta1/notification_config.rb

@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1p1beta1
+        # Cloud Security Command Center (Cloud SCC) notification configs.
+        #
+        # A notification config is a Cloud SCC resource that contains the configuration
+        # to send notifications for create/update events of findings, assets and etc.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The relative resource name of this notification config. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/\\{organization_id}/notificationConfigs/notify_public_bucket".
+        # @!attribute [rw] description
+        #   @return [String]
+        #     The description of the notification config (max of 1024 characters).
+        # @!attribute [rw] event_type
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig::EventType]
+        #     The type of events the config is for, e.g. FINDING.
+        # @!attribute [rw] pubsub_topic
+        #   @return [String]
+        #     The PubSub topic to send notifications to. Its format is
+        #     "projects/[project_id]/topics/[topic]".
+        # @!attribute [r] service_account
+        #   @return [String]
+        #     Output only. The service account that needs "pubsub.topics.publish"
+        #     permission to publish to the PubSub topic.
+        # @!attribute [rw] streaming_config
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig::StreamingConfig]
+        #     The config for triggering streaming-based notifications.
+        class NotificationConfig
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+
+          # The config for streaming-based notifications, which send each event as soon
+          # as it is detected.
+          # @!attribute [rw] filter
+          #   @return [String]
+          #     Expression that defines the filter to apply across create/update events
+          #     of assets or findings as specified by the event type. The expression is a
+          #     list of zero or more restrictions combined via logical operators `AND`
+          #     and `OR`. Parentheses are supported, and `OR` has higher precedence than
+          #     `AND`.
+          #
+          #     Restrictions have the form `<field> <operator> <value>` and may have a
+          #     `-` character in front of them to indicate negation. The fields map to
+          #     those defined in the corresponding resource.
+          #
+          #     The supported operators are:
+          #
+          #     * `=` for all value types.
+          #     * `>`, `<`, `>=`, `<=` for integer values.
+          #     * `:`, meaning substring matching, for strings.
+          #
+          #     The supported value types are:
+          #
+          #     * string literals in quotes.
+          #     * integer literals without quotes.
+          #     * boolean literals `true` and `false` without quotes.
+          class StreamingConfig
+            include Google::Protobuf::MessageExts
+            extend Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # The type of events.
+          module EventType
+            # Unspecified event type.
+            EVENT_TYPE_UNSPECIFIED = 0
+
+            # Events for findings.
+            FINDING = 1
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1p1beta1/notification_message.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1p1beta1
+        # Cloud SCC's Notification
+        # @!attribute [rw] notification_config_name
+        #   @return [String]
+        #     Name of the notification config that generated current notification.
+        # @!attribute [rw] finding
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
+        #     If it's a Finding based notification config, this field will be
+        #     populated.
+        class NotificationMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1p1beta1/organization_settings.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1p1beta1
+        # User specified settings that are attached to the Cloud Security Command
+        # Center (Cloud SCC) organization.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The relative resource name of the settings. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/\\{organization_id}/organizationSettings".
+        # @!attribute [rw] enable_asset_discovery
+        #   @return [Boolean]
+        #     A flag that indicates if Asset Discovery should be enabled. If the flag is
+        #     set to `true`, then discovery of assets will occur. If it is set to `false,
+        #     all historical assets will remain, but discovery of future assets will not
+        #     occur.
+        # @!attribute [rw] asset_discovery_config
+        #   @return [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings::AssetDiscoveryConfig]
+        #     The configuration used for Asset Discovery runs.
+        class OrganizationSettings
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+
+          # The configuration used for Asset Discovery runs.
+          # @!attribute [rw] project_ids
+          #   @return [Array<String>]
+          #     The project ids to use for filtering asset discovery.
+          # @!attribute [rw] inclusion_mode
+          #   @return [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings::AssetDiscoveryConfig::InclusionMode]
+          #     The mode to use for filtering asset discovery.
+          class AssetDiscoveryConfig
+            include Google::Protobuf::MessageExts
+            extend Google::Protobuf::MessageExts::ClassMethods
+
+            # The mode of inclusion when running Asset Discovery.
+            # Asset discovery can be limited by explicitly identifying projects to be
+            # included or excluded. If INCLUDE_ONLY is set, then only those projects
+            # within the organization and their children are discovered during asset
+            # discovery. If EXCLUDE is set, then projects that don't match those
+            # projects are discovered during asset discovery. If neither are set, then
+            # all projects within the organization are discovered during asset
+            # discovery.
+            module InclusionMode
+              # Unspecified. Setting the mode with this value will disable
+              # inclusion/exclusion filtering for Asset Discovery.
+              INCLUSION_MODE_UNSPECIFIED = 0
+
+              # Asset Discovery will capture only the resources within the projects
+              # specified. All other resources will be ignored.
+              INCLUDE_ONLY = 1
+
+              # Asset Discovery will ignore all resources under the projects specified.
+              # All other resources will be retrieved.
+              EXCLUDE = 2
+            end
+          end
+        end
+      end
+    end
+  end
+end